similar to: shorewall add fails with IPSET=

Displaying 20 results from an estimated 1000 matches similar to: "shorewall add fails with IPSET="

2012 Sep 30
12
shorewall dynamic zones confusion
Hi, I''ve been successfully using shorewall in our K12 school since the 2.x days initially on Mandrake and now on Debian. Because of that my config has got quite complicated. The firewall has a working MultiISP setup with four interfaces (I''ve renamed them with udev to easy their identification): lan-if, dmz-if, snt-if and dnt-if (one of the providers (the one on dnt-if) is a DSL
2015 Feb 17
3
Using "ipset" under CentOS7
ipset on CentOS6 comes with /etc/rc.d/init.d/ipset so that "service ipset reload" can be used to (re)load the configuration. CentOS7 doesn't come with an equivalent for systemd: # systemctl reload ipset.service Failed to issue method call: Unit ipset.service failed to load: No such file or directory. # systemctl start ipset.service Failed to issue method call: Unit ipset.service
2010 Mar 11
2
[Bug 640] New: ipset-4.2 : ipset -T <some_setlist> <address> always negative
http://bugzilla.netfilter.org/show_bug.cgi?id=640 Summary: ipset-4.2 : ipset -T <some_setlist> <address> always negative Product: ipset Version: unspecified Platform: All OS/Version: All Status: NEW Severity: normal Priority: P1 Component: default AssignedTo:
2023 Dec 05
3
[Bug 1726] New: invalid json generated by ipset list -output json
https://bugzilla.netfilter.org/show_bug.cgi?id=1726 Bug ID: 1726 Summary: invalid json generated by ipset list -output json Product: ipset Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: trivial Priority: P5 Component: default Assignee:
2014 Dec 08
2
ipset not actually blocking
i created an ipset and added 8.8.8.8 to it and used the same iptables working all summer long but ?i can still ping 8.8.8.8 and do nslookup queries against it. ipset or iptables is broken. Anybody else rebooted since ipset-6.11-3.el6.i686 was installed and actually tested that IP addresses that are supposed to be blacklisted are actually blocked? ? Filed CentOS bug report 7977
2011 Aug 02
3
[Bug 733] New: ipset restore won't restore from output of ipset save
http://bugzilla.netfilter.org/show_bug.cgi?id=733 Summary: ipset restore won't restore from output of ipset save Product: ipset Version: unspecified Platform: All OS/Version: Debian GNU/Linux Status: NEW Severity: normal Priority: P5 Component: default AssignedTo: netfilter-buglog at
2016 Sep 21
1
ipset and blacklisting
-------- Original Message -------- Subject: Re: [CentOS] ipset and blacklisting From: "Albert McCann" <mac358 at newsguy.com> Date: Wed, September 21, 2016 5:34 am To: "'CentOS mailing list'" <centos at centos.org> How are you saving and reloading the ipsets over a reboot? > -----Original Message----- > From: centos-bounces at centos.org
2013 Dec 03
8
[Bug 880] New: ipset doesn't refresh the timeout for an existing entry when the table is FULL.
https://bugzilla.netfilter.org/show_bug.cgi?id=880 Summary: ipset doesn't refresh the timeout for an existing entry when the table is FULL. Product: ipset Version: unspecified Platform: x86_64 OS/Version: Fedora Status: NEW Severity: normal Priority: P5 Component: default
2023 Oct 25
4
[Bug 1719] New: ipset wrongly blocking undefined ranges and not blocking ranges that are defined
https://bugzilla.netfilter.org/show_bug.cgi?id=1719 Bug ID: 1719 Summary: ipset wrongly blocking undefined ranges and not blocking ranges that are defined Product: ipset Version: unspecified Hardware: All OS: RedHat Linux Status: NEW Severity: critical Priority: P5
2011 Jun 01
8
[Bug 719] New: ipset restore fails randomly
http://bugzilla.netfilter.org/show_bug.cgi?id=719 Summary: ipset restore fails randomly Product: ipset Version: unspecified Platform: All OS/Version: All Status: NEW Severity: critical Priority: P3 Component: default AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy:
2019 Mar 25
3
[Bug 1328] New: Please allow ipset add and del via the /proc/net/xt_ipset mechanism
https://bugzilla.netfilter.org/show_bug.cgi?id=1328 Bug ID: 1328 Summary: Please allow ipset add and del via the /proc/net/xt_ipset mechanism Product: ipset Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component:
2024 Apr 20
3
[Bug 1750] New: 'ipset save' does not save in format loadable by systemd (it saves in 'ipset list' format)
https://bugzilla.netfilter.org/show_bug.cgi?id=1750 Bug ID: 1750 Summary: 'ipset save' does not save in format loadable by systemd (it saves in 'ipset list' format) Product: ipset Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: normal
2015 Sep 24
1
Bug in init scripts for ipset?
I've just started experimenting with ipset under CentOS 6, and have found what appears to be a bug (or poor design) in the init scripts for ipset, /etc/rc.d/init.d/ipset In stop(), save() and status(), it does lsmod to check for the existence of the ip_set module. If the module is not found, it exits without performing any action. This doesn't take account of a kernel where the ip_set
2010 Jun 17
4
shorewall 4.4.10 failing to start; won't recognize ipset "capability"
I have been using shorewall for years with ipsets. I have encountered a problem after upgrading from 4.2.11 to 4.4.10. When I run ''shorewall-check'' or ''shorewall start'', it halts with the error: ---------------------------------------------------------------------- ERROR: ipset names in Shorewall configuration files require Ipset Match in your kernel and
2012 Feb 28
6
[Bug 773] New: iptables performance limits on # of rules using ipset
http://bugzilla.netfilter.org/show_bug.cgi?id=773 Summary: iptables performance limits on # of rules using ipset Product: ipset Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component: default AssignedTo: netfilter-buglog at lists.netfilter.org
2011 Mar 10
2
[Bug 709] New: Update docs / man page for latest ipset versions
http://bugzilla.netfilter.org/show_bug.cgi?id=709 Summary: Update docs / man page for latest ipset versions Product: ipset Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P3 Component: default AssignedTo: netfilter-buglog at lists.netfilter.org
2018 Sep 15
3
ipset-service save fails when module compiled into kernel
I want to use the ipset-service to store ipsets persistently across boots. (For use by iptables rules. firewalld has direct support for persistent ipsets but I need the more general capability of raw iptables.) I'm using a kernel with ipsets compiled in, rather than loaded as a module. The support script that saves ipsets checks if the module is loaded before saving and finds nothing, so
2013 Aug 04
4
[Bug 838] New: ipset add foo syslog fails for bitmap:port
https://bugzilla.netfilter.org/show_bug.cgi?id=838 Summary: ipset add foo syslog fails for bitmap:port Product: ipset Version: unspecified Platform: All OS/Version: All Status: NEW Severity: normal Priority: P5 Component: default AssignedTo: netfilter-buglog at lists.netfilter.org
2011 Jul 24
4
[Bug 729] New: iptables + ipset rules apply but nothing go to the chain
http://bugzilla.netfilter.org/show_bug.cgi?id=729 Summary: iptables + ipset rules apply but nothing go to the chain Product: iptables Version: unspecified Platform: x86_64 OS/Version: Debian GNU/Linux Status: NEW Severity: critical Priority: P2 Component: iptables AssignedTo: netfilter-buglog at
2013 Dec 13
2
Shorewall and mode statistic
Hi all, I''m tring to convert some manually written iptables rules into a shorewall configuration but I''m facing some issue with mode statistic. In our outgoing smtp we balance the source IP address of outgoing connections originating from the firewall between 4 alias configured on eth0 interface: eth0 inet addr:xxx.xxx.xxx.18 Bcast:xxx.xxx.xxx.255 Mask:255.255.255.0 eth0:1